Total Security
by Quickheal
Source repositories
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8775 | Cri | 0.64 | 9.8 | 0.01 | May 4, 2017 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. | ||
| CVE-2017-8774 | Cri | 0.64 | 9.8 | 0.01 | May 4, 2017 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. | ||
| CVE-2017-8773 | Cri | 0.64 | 9.8 | 0.02 | May 4, 2017 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This… | ||
| CVE-2017-5005 | Cri | 0.64 | 9.8 | 0.09 | Jan 2, 2017 | Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O… | ||
| CVE-2024-48292 | Hig | 0.57 | 8.8 | 0.00 | Nov 18, 2024 | An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges. | ||
| CVE-2015-8285 | Hig | 0.52 | 7.5 | 0.05 | Apr 20, 2017 | The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service. | ||
| CVE-2018-8090 | Hig | 0.51 | 7.8 | 0.01 | Jul 25, 2018 | Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick… | ||
| CVE-2017-8776 | Hig | 0.49 | 7.5 | 0.01 | May 4, 2017 | Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed… | ||
| CVE-2025-69875 | 0.00 | — | 0.00 | Feb 3, 2026 | A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories.… | |||
| CVE-2023-53973 | 0.00 | — | 0.00 | Dec 22, 2025 | Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted… | |||
| CVE-2024-6871 | 0.00 | — | 0.00 | Nov 22, 2024 | G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute… | |||
| CVE-2024-30377 | 0.00 | — | 0.00 | Nov 22, 2024 | G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged… | |||
| CVE-2024-1868 | 0.00 | — | 0.00 | Nov 22, 2024 | G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the… | |||
| CVE-2024-1867 | 0.00 | — | 0.00 | Nov 22, 2024 | G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the… | |||
| CVE-2023-27347 | 0.00 | — | 0.00 | May 3, 2024 | G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the… | |||
| CVE-2022-31467 | 0.00 | — | 0.00 | May 23, 2022 | A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not… | |||
| CVE-2020-27587 | 0.00 | — | 0.00 | Nov 30, 2020 | Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password. | |||
| CVE-2020-27586 | 0.00 | — | 0.01 | Nov 30, 2020 | Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. | |||
| CVE-2020-27585 | 0.00 | — | 0.00 | Nov 30, 2020 | Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password. | |||
| CVE-2020-9362 | 0.00 | — | 0.01 | Feb 24, 2020 | The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and… |
- risk 0.64cvss 9.8epss 0.01
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
- risk 0.64cvss 9.8epss 0.01
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
- risk 0.64cvss 9.8epss 0.02
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This…
- risk 0.64cvss 9.8epss 0.09
Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O…
- risk 0.57cvss 8.8epss 0.00
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges.
- risk 0.52cvss 7.5epss 0.05
The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service.
- risk 0.51cvss 7.8epss 0.01
Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick…
- risk 0.49cvss 7.5epss 0.01
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed…
- CVE-2025-69875Feb 3, 2026risk 0.00cvss —epss 0.00
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories.…
- CVE-2023-53973Dec 22, 2025risk 0.00cvss —epss 0.00
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted…
- CVE-2024-6871Nov 22, 2024risk 0.00cvss —epss 0.00
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute…
- CVE-2024-30377Nov 22, 2024risk 0.00cvss —epss 0.00
G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged…
- CVE-2024-1868Nov 22, 2024risk 0.00cvss —epss 0.00
G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the…
- CVE-2024-1867Nov 22, 2024risk 0.00cvss —epss 0.00
G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the…
- CVE-2023-27347May 3, 2024risk 0.00cvss —epss 0.00
G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the…
- CVE-2022-31467May 23, 2022risk 0.00cvss —epss 0.00
A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not…
- CVE-2020-27587Nov 30, 2020risk 0.00cvss —epss 0.00
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.
- CVE-2020-27586Nov 30, 2020risk 0.00cvss —epss 0.01
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
- CVE-2020-27585Nov 30, 2020risk 0.00cvss —epss 0.00
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.
- CVE-2020-9362Feb 24, 2020risk 0.00cvss —epss 0.01
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and…
Page 1 of 2